In the previous article   , we got an overview of the key concepts related to authentication, authorization and the ASP.NET Core Identity   platform. In this post, we’ll go over the entities made available through the platform, and the corresponding relations that will be added to the database once it’s been integrated.

Migrations

To generate the migrations that add the Identity relations, the provided IdentityDbContext   must first be derived from. For example:

public class ApplicationDbContext: IdentityDbContext {}

We can then generate the migrations via the dotnet ef command:

dotnet ef migrations add IdentityCreate

The migration file should look a little like the one found in this gist  

When the table is updated using the generated migration, the following relations are added to the database: AspNetUsers, AspNetRoles, AspNetUserClaims, AspNetUserTokens, AspNetUserLogins, AspNetRoleClaims, andAspNetUserRoles. These relations, and their matching entities, will be summarized in the next section.

Relations

AspNetUsers

• Stores authentication User   information in the database
• Represented by the IdentityUser   entity. It’s an implementation of IdentityUser<TKey> that uses a string as a primary key.
• The corresponding columns for the NormalizedUserName and NormalizedEmail default properties of the IdentityUser are indexed.

AspNetRoles

• Table for the authorization Roles  
• Maps to the IdentityRole   entity.
• The corresponding column for the NormalizedName default property of the IdentityRole is indexed.

AspNetUserRoles

• The join table for the many-to-many relationship between the IdentityUser and IdentityRole entities. Each User can have many associated Roles, and each Role can be associated with many Users.
• Maps to the IdentityUserRole<TKey>   class.
• A user’s roles can be obtained via the GetRolesAsync   method of the UserManager.

var user = await userManager.FindByEmailAsync(userDto.Email);
var roles = await userManager.GetRolesAsync(user);

AspNetUserClaims

• Stores the Claims   that a User possesses.
• Represented by the IdentityUserClaim<TKey>   entity.
• A user can have many claims.
• A user’s claims can be obtained via the GetClaimsAsync   method of the UserManager.

AspNetUserLogins

• Table for the user’s logins. A login associates the user with a provider.
• Represented by the IdentityUserLogin<TKey>   class.
• A user can have many logins.

AspNetUserTokens

• Table for the user’s authentication Tokens   .
• Maps to the IdentityUserToken<TKey>   class.
• The user’s authentication token can be retrieved via the GetAuthenticationTokenAsync   method of the UserManager.

var authScheme = "google";
var tokenName = "login";
var user = await userManager.FindByEmailAsync(userDto.Email, authScheme, tokenName);
var token = userManager.GetAuthenticationTokenAsync(user);

AspNetRoleClaims

• Table for claims that are granted to all users within a role.
• Maps to the IdentityRoleClaim<TKey>   class.